Behind the scenes of Cyberwarfare: how embassies and governments are hacked

Recorded Future reveals the activities of hackers tracking the political industry in Europe.

Recorded Future specialists have revealed information about the new cyber espionage campaign of the TA473 group, which is aimed at more than 80 organizations, mainly located in Georgia, Poland and Ukraine.

During the campaign, cybercriminals collect intelligence about political and military operations in Europe. The attacks, which took place from early to mid-October 2023, complement other TA473 operations against Uzbek government email servers identified in March 2023.

The attackers used sophisticated attack methods, combining social engineering with the exploitation of vulnerabilities (in particular, XSS vulnerabilities) in Roundcube Webmail servers to gain unauthorized access to victims' mail servers. As a result, user credentials were stolen through specially designed payloads based on JavaScript.

Attempts by TA473 to attack the Iranian embassies in the Netherlands and the Georgian embassy in Sweden were also recorded, which indicates a broader geopolitical interest, in particular in Iran's political activity and in Georgia's desire to join the European Union and NATO.
 